package com.vastcom.springbootangular5.rest;

import com.vastcom.springbootangular5.model.UserTokenState;
import com.vastcom.springbootangular5.security.TokenHelper;
import com.vastcom.springbootangular5.service.impl.CustomUserDetailsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.xml.ws.Response;
import java.util.HashMap;
import java.util.Map;

@RestController
@RequestMapping(value = "/api",produces = MediaType.APPLICATION_JSON_VALUE)
public class AuthenticationController {

    @Autowired
    private CustomUserDetailsService userDetailsService;
    @Autowired
    private TokenHelper tokenHelper;

    @Value("${jwt.expires_in}")
    private int EXPIRES_IN;

    @Value("${jwt.cookie}")
    private String TOKEN_COOKIE;

    @RequestMapping(value = "/refresh" ,method = RequestMethod.GET)
    public ResponseEntity<?> refreshAuthenticationToken(HttpServletRequest request, HttpServletResponse response){
        String authToken=tokenHelper.getToken(request);
        if(authToken!=null&&tokenHelper.canTokenBeRefreshed(authToken)){
            String refreshedToken=tokenHelper.refreshToken(authToken);
            Cookie authCookie=new Cookie(TOKEN_COOKIE,(refreshedToken));
            authCookie.setPath("/");
            authCookie.setHttpOnly(true);
            authCookie.setMaxAge(EXPIRES_IN);
            response.addCookie(authCookie);

            UserTokenState userTokenState=new UserTokenState(refreshedToken,EXPIRES_IN);
            return ResponseEntity.ok(userTokenState);

        }
        else{
            UserTokenState userTokenState=new UserTokenState();
            return ResponseEntity.accepted().body(userTokenState);
        }
    }

    @RequestMapping(value = "changePassword",method = RequestMethod.POST)
    @PreAuthorize("hasRole('USER')")
    public ResponseEntity<?> changePassword(@RequestBody PasswordChange passwordChange){
        userDetailsService.changePassword(passwordChange.oldPassword,passwordChange.newPassword);
        Map<String,String> result=new HashMap<>();
        result.put("result","success");
        return ResponseEntity.accepted().body(result);
    }


    static class PasswordChange{
        public String oldPassword;
        public String newPassword;
    }


}
